Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zi3dTArVHBbdmbwYidnDTAxR558.roa
File: zi3dTArVHBbdmbwYidnDTAxR558.roa (raw, json)
Hash identifier: fRYiQzfqagnk/e89tTD05veNnJllMZmBoobb6bjjFZ0=
Subject key identifier: CE:2D:DD:4C:0A:D5:1C:16:DD:99:BC:18:89:D9:C3:4C:0C:51:E7:9F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AE9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zi3dTArVHBbdmbwYidnDTAxR558.roa
Signing time: Sun 07 Apr 2024 03:22:30 +0000
ROA not before: Sun 07 Apr 2024 03:22:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15081 (0x3ae9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 03:22:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CE2DDD4C0AD51C16DD99BC1889D9C34C0C51E79F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fc:11:cf:6d:3c:2f:c4:61:af:fa:90:4d:4a:
c4:a2:f2:30:94:97:dc:da:a5:81:78:1c:15:c2:a4:
8e:d5:f9:81:e3:60:fa:fa:58:74:f3:84:a3:21:4d:
00:69:0f:c8:44:a0:dd:4b:f3:38:9d:19:19:45:7f:
06:4f:32:0e:fe:9d:2a:e6:f9:11:1e:b8:96:9f:09:
bc:c9:53:72:75:6e:8c:33:88:d3:21:b0:41:1a:a6:
65:c1:d5:46:a2:3f:f0:c7:c9:e3:23:a1:68:dd:0c:
cb:75:98:bd:e9:89:58:32:47:12:79:62:2f:2c:91:
39:a9:5a:a3:de:3f:ca:5d:e4:86:f7:d9:39:1b:74:
23:c6:1f:26:35:ea:6f:48:36:4b:fa:43:f2:74:4c:
8e:32:ab:37:bc:c1:db:ae:f8:9b:e8:8d:82:d6:d1:
c9:1b:44:fd:6e:9a:70:38:62:fe:31:48:f9:78:39:
35:de:e1:c8:9f:26:6c:4e:be:4e:f8:ee:69:50:3f:
2f:07:b6:fb:fd:68:58:54:7c:7d:bf:dd:62:a2:04:
91:e2:6c:64:6c:84:6b:15:05:68:a9:f5:9b:d6:b2:
6a:13:6d:43:71:37:9b:1b:5a:c8:02:ed:dc:c0:c9:
f0:90:42:a8:3b:1f:ff:72:23:4e:eb:b2:f3:86:b8:
5b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2D:DD:4C:0A:D5:1C:16:DD:99:BC:18:89:D9:C3:4C:0C:51:E7:9F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zi3dTArVHBbdmbwYidnDTAxR558.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
63:b2:5a:a3:e0:cc:e4:74:24:1f:61:f9:1a:87:27:01:6a:8d:
04:cc:c0:84:9b:6d:42:9d:8f:5b:ea:0d:94:67:56:01:e1:f3:
fe:b9:89:db:6e:a6:b3:d6:49:35:55:5e:d7:14:2e:54:60:16:
d6:ce:b1:a9:89:c8:98:fd:0d:92:23:46:d1:26:d2:5a:b3:43:
2b:ed:81:a5:e2:0c:a9:ea:fb:f7:4d:69:b6:9d:20:1d:d6:c4:
60:b4:2a:68:c7:96:82:4c:b4:7f:2d:99:37:c1:f3:f6:21:a3:
04:f0:72:4a:83:52:83:4a:7d:8c:79:30:9b:47:8b:54:b5:18:
9f:b8:0d:44:c9:fb:87:59:42:f7:e6:bd:aa:cd:17:f2:ca:9f:
64:6d:10:44:b0:1f:0b:d3:c0:db:1f:c4:8c:c3:86:ae:80:3b:
46:4e:9e:a2:be:1f:a3:f7:b5:1a:cb:e1:b5:7d:2d:a6:ae:fc:
d2:c9:21:3c:c6:6e:de:42:41:0b:6a:89:4c:d1:69:fd:2d:60:
4d:af:db:96:09:06:f5:2a:f7:bb:89:a6:10:61:70:ac:93:28:
bc:62:b6:fd:d5:45:8e:a0:ab:8e:0d:ef:4e:78:70:51:6f:e0:
08:79:69:1a:7f:be:55:fc:25:9f:91:7f:67:fe:85:ff:a3:e3:
42:7b:d3:46
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MzIyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENFMkRERDRDMEFENTFD
MTZERDk5QkMxODg5RDlDMzRDMEM1MUU3OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9/BHPbTwvxGGv+pBNSsSi8jCUl9zapYF4HBXCpI7V+YHjYPr6
WHTzhKMhTQBpD8hEoN1L8zidGRlFfwZPMg7+nSrm+REeuJafCbzJU3J1bowziNMh
sEEapmXB1UaiP/DHyeMjoWjdDMt1mL3piVgyRxJ5Yi8skTmpWqPeP8pd5Ib32Tkb
dCPGHyY16m9INkv6Q/J0TI4yqze8wduu+JvojYLW0ckbRP1umnA4Yv4xSPl4OTXe
4cifJmxOvk747mlQPy8Htvv9aFhUfH2/3WKiBJHibGRshGsVBWip9ZvWsmoTbUNx
N5sbWsgC7dzAyfCQQqg7H/9yI07rsvOGuFvxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzi3dTArVHBbdmbwYidnDTAxR558wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ppM2RUQXJWSEJiZG1i
d1lpZG5EVEF4UjU1OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGOyWqPgzOR0JB9h
+RqHJwFqjQTMwISbbUKdj1vqDZRnVgHh8/65idtuprPWSTVVXtcULlRgFtbOsamJ
yJj9DZIjRtEm0lqzQyvtgaXiDKnq+/dNabadIB3WxGC0KmjHloJMtH8tmTfB8/Yh
owTwckqDUoNKfYx5MJtHi1S1GJ+4DUTJ+4dZQvfmvarNF/LKn2RtEESwHwvTwNsf
xIzDhq6AO0ZOnqK+H6P3tRrL4bV9Laau/NLJITzGbt5CQQtqiUzRaf0tYE2v25YJ
BvUq97uJphBhcKyTKLxitv3VRY6gq44N7054cFFv4Ah5aRp/vlX8JZ+Rf2f+hf+j
40J700Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org